Sophos’ Secure by Design 2025 Progress
We are pleased to openly share our pledges and the progress we are making in each of the seven core pillars of product security in the Secure by Design framework
Similar Posts
Desjardins data breach: Quebec suspect arrested in Spain
Bys sCity News reports: A man wanted Canada-wide in connection with a multimillion-dollar fraud and data theft of Desjardins clients was arrested in Spain, according to Quebec provincial police. The Sûreté du Québec says Juan Pablo Serrano, considered among the province’s most wanted fugitives, was arrested Nov. 6, 2025. He remains in custody in Spain. Authorities……
Chrome 131, Firefox 134 Updates Patch High-Severity Vulnerabilities
Bys sChrome and Firefox updates released this week resolve high-severity vulnerabilities in the two popular browsers. The post Chrome 131, Firefox 134 Updates Patch High-Severity Vulnerabilities appeared first on SecurityWeek.
DOGE accused of copying entire Social Security database to insecure cloud system
Bys sJon Brodkin reports: A Social Security Administration (SSA) official alleged in a whistleblower disclosure that DOGE officials created “a live copy of the country’s Social Security information in a cloud environment that circumvents oversight.” Chuck Borges, the SSA’s Chief Data Officer (CDO), “has become aware through reports to him of serious data security lapses, evidently……
Dell RecoverPoint for VMs Zero-Day CVE-2026-22769 Exploited Since Mid-2024
Bys sA maximum severity security vulnerability in Dell RecoverPoint for Virtual Machines has been exploited as a zero-day by a suspected China-nexus threat cluster dubbed UNC6201 since mid-2024, according to a new report from Google Mandiant and Google Threat Intelligence Group (GTIG). The activity involves the exploitation of CVE-2026-22769 (CVSS score: 10.0), a case of hard-coded…
Becoming Ransomware Ready: Why Continuous Validation Is Your Best Defense
Bys sRansomware doesn’t hit all at once—it slowly floods your defenses in stages. Like a ship subsumed with water, the attack starts quietly, below the surface, with subtle warning signs that are easy to miss. By the time encryption starts, it’s too late to stop the flood. Each stage of a ransomware attack offers a small…
China slaps 1-hour deadline on reporting serious cyber incidents
Bys sPaul Kunert reports: Beijing will soon expect Chinese network operators to ‘fess up to serious cyber incidents within an hour of spotting them – or risk penalties for dragging their feet. From November 1, the Cyberspace Administration of China (CAC) will enforce its new National Cybersecurity Incident Reporting Management Measures, a sweeping set of rules that tighten……